<?php
include('common/_const.php');
include('common/common.php');
include('../inc/conn.php');
session_start();

$username=	trim($_POST["username"]);
$pwd= 		md5(PREPWD.$_POST["password"]);
$checkcode=	trim($_POST["checkcode"]);
$gurl	  =$_POST["url"];
checkillegalword($gurl);

if(empty($username)||empty($pwd)||empty($checkcode)){
	ShowMsg("用户名或验证码填写不完整！",$gurl);
	exit;
	}

if($checkcode==$_SESSION["checkcode_ico"]){
	
	$db=db_connect();//数据库连接
	$sql=select_sql("*",PRETABLE."adminuser","rootname='".$username."' AND rootpws='".$pwd."'");
	$rs=$db->query($sql);
	if($rs&&$rs->num_rows>0){
		date_default_timezone_set('Asia/Chongqing');//设置时区 
		$loginip=GetIP();//获取管理员登陆ip
		$logintime=date('Y-m-d h:i a');
		
		$sql=update_sql(PRETABLE."adminuser","logintims=logintims+1,lasttime='".$logintime."',loginip='".$loginip."'","CONVERT( rootname USING utf8 ) ='".$username."'");//更新管理员信息

		$db->query($sql);
		
		$_SESSION["user_admin"]=$username;

		
		ShowMsg_h("登陆成功！","index_admin.php");
		
	}
	else{
		ShowMsg("用户名或密码不正确！",$gurl);
	}
	$db->close();
}else{
	ShowMsg("验证码填写错误！",$gurl);
	exit;
}

?>